From 424d26c9728b79295f380a829d05a2fe2a2ef0e0 Mon Sep 17 00:00:00 2001 From: Robert Raposa Date: Mon, 21 Dec 2015 14:46:18 -0500 Subject: [PATCH 1/2] Update pylintrc_tweaks Add changes for longer names. This will get backed out once it makes it in to edx-pylint. TNL-3425 --- pylintrc | 10 +++++----- pylintrc_tweaks | 6 ++++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/pylintrc b/pylintrc index 069eaecb7c..80f638f3d8 100644 --- a/pylintrc +++ b/pylintrc @@ -95,10 +95,10 @@ const-rgx = (([A-Z_][A-Z0-9_]*)|(__.*__)|log|urlpatterns)$ class-rgx = [A-Z_][a-zA-Z0-9]+$ function-rgx = ([a-z_][a-z0-9_]{2,40}|test_[a-z0-9_]+)$ method-rgx = ([a-z_][a-z0-9_]{2,40}|setUp|set[Uu]pClass|tearDown|tear[Dd]ownClass|assert[A-Z]\w*|maxDiff|test_[a-z0-9_]+)$ -attr-rgx = [a-z_][a-z0-9_]{2,30}$ -argument-rgx = [a-z_][a-z0-9_]{2,30}$ -variable-rgx = [a-z_][a-z0-9_]{2,30}$ -class-attribute-rgx = ([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ +attr-rgx = [a-z_][a-z0-9_]{2,40}$ +argument-rgx = [a-z_][a-z0-9_]{2,40}$ +variable-rgx = [a-z_][a-z0-9_]{2,40}$ +class-attribute-rgx = ([A-Za-z_][A-Za-z0-9_]{2,40}|(__.*__))$ inlinevar-rgx = [A-Za-z_][A-Za-z0-9_]*$ good-names = f,i,j,k,db,ex,Run,_,__ bad-names = foo,bar,baz,toto,tutu,tata @@ -180,4 +180,4 @@ int-import-graph = [EXCEPTIONS] overgeneral-exceptions = Exception -# 22900b2201bd1e9f0050ff51de25691939dc7901 +# b98d7d902efebf1f5eaafb847960e366a35fd51b diff --git a/pylintrc_tweaks b/pylintrc_tweaks index 45c76fc02f..484eb66ce9 100644 --- a/pylintrc_tweaks +++ b/pylintrc_tweaks @@ -1,3 +1,9 @@ # pylintrc tweaks for use with edx_lint. [MASTER] ignore+ = ,migrations + +[BASIC] +attr-rgx = [a-z_][a-z0-9_]{2,40}$ +argument-rgx = [a-z_][a-z0-9_]{2,40}$ +variable-rgx = [a-z_][a-z0-9_]{2,40}$ +class-attribute-rgx = ([A-Za-z_][A-Za-z0-9_]{2,40}|(__.*__))$ From 5e69224c32484ef9e0507f469babccd71a85c09b Mon Sep 17 00:00:00 2001 From: Robert Raposa Date: Fri, 11 Dec 2015 14:26:24 -0500 Subject: [PATCH 2/2] Deprecate escaping in display_name_with_default - Remove escaping in display_name_with_default - Move escaped version to deprecated display_name_with_default_escaped - Does not include any other changes to remove double-escaping Thanks to agaylard who initiated this work: https://github.com/edx/edx-platform/pull/10756 TNL-3425 --- cms/djangoapps/contentstore/views/item.py | 4 +- cms/templates/base.html | 6 +-- cms/templates/container.html | 8 +-- cms/templates/library.html | 4 +- cms/templates/manage_users_lib.html | 2 +- cms/templates/settings.html | 4 +- cms/templates/studio_xblock_wrapper.html | 2 +- cms/templates/widgets/header.html | 4 +- common/djangoapps/course_modes/views.py | 2 +- .../lib/xmodule/xmodule/annotatable_module.py | 2 +- common/lib/xmodule/xmodule/capa_base.py | 2 +- .../xmodule/xmodule/course_metadata_utils.py | 40 +++++++++++++- .../xmodule/xmodule/imageannotation_module.py | 2 +- common/lib/xmodule/xmodule/seq_module.py | 2 +- .../tests/test_course_metadata_utils.py | 9 +++- .../xmodule/xmodule/textannotation_module.py | 2 +- .../xmodule/video_module/video_module.py | 2 +- .../xmodule/xmodule/videoannotation_module.py | 2 +- common/lib/xmodule/xmodule/x_module.py | 17 +++++- .../emails/enroll_email_allowedmessage.txt | 4 +- .../emails/enroll_email_allowedsubject.txt | 2 +- .../emails/enroll_email_enrolledmessage.txt | 2 +- .../emails/enroll_email_enrolledsubject.txt | 2 +- .../emails/unenroll_email_allowedmessage.txt | 2 +- .../emails/unenroll_email_enrolledmessage.txt | 8 +-- .../emails/unenroll_email_subject.txt | 2 +- lms/djangoapps/course_api/serializers.py | 2 +- lms/djangoapps/course_wiki/views.py | 2 +- lms/djangoapps/courseware/features/common.py | 4 +- lms/djangoapps/courseware/grades.py | 16 +++--- lms/djangoapps/courseware/module_render.py | 8 +-- lms/djangoapps/courseware/views.py | 4 +- lms/djangoapps/edxnotes/helpers.py | 6 +-- lms/djangoapps/edxnotes/tests.py | 54 +++++++++---------- lms/djangoapps/instructor/enrollment.py | 2 +- lms/djangoapps/lms_migration/migrate.py | 2 +- .../mobile_api/video_outlines/serializers.py | 2 +- lms/djangoapps/shoppingcart/models.py | 4 +- lms/djangoapps/shoppingcart/reports.py | 5 +- .../verify_student/tests/test_views.py | 10 ++-- lms/djangoapps/verify_student/views.py | 4 +- lms/templates/conditional_module.html | 2 +- lms/templates/course.html | 6 +-- lms/templates/courseware/course_about.html | 14 ++--- lms/templates/courseware/welcome-back.html | 4 +- .../dashboard/_dashboard_course_listing.html | 44 +++++++-------- lms/templates/discussion/index.html | 2 +- lms/templates/discussion/user_profile.html | 2 +- ...count_creation_and_enroll_emailMessage.txt | 4 +- .../emails/add_beta_tester_email_message.txt | 2 +- .../emails/add_beta_tester_email_subject.txt | 2 +- .../emails/enroll_email_allowedmessage.txt | 6 +-- .../emails/enroll_email_allowedsubject.txt | 2 +- .../emails/enroll_email_enrolledmessage.txt | 2 +- .../emails/enroll_email_enrolledsubject.txt | 2 +- .../remove_beta_tester_email_message.txt | 2 +- .../remove_beta_tester_email_subject.txt | 2 +- .../emails/unenroll_email_allowedmessage.txt | 2 +- .../emails/unenroll_email_enrolledmessage.txt | 8 +-- .../emails/unenroll_email_subject.txt | 2 +- lms/templates/navigation-edx.html | 2 +- lms/templates/navigation.html | 2 +- lms/templates/shoppingcart/receipt.html | 2 +- .../registration_code_receipt.html | 2 +- .../registration_code_redemption.html | 2 +- lms/templates/shoppingcart/shopping_cart.html | 2 +- .../content/course_overviews/models.py | 14 +++++ .../content/course_overviews/tests.py | 1 + openedx/core/lib/xblock_utils.py | 2 +- themes/edx.org/lms/templates/header.html | 2 +- themes/red-theme/lms/templates/header.html | 2 +- 71 files changed, 240 insertions(+), 166 deletions(-) diff --git a/cms/djangoapps/contentstore/views/item.py b/cms/djangoapps/contentstore/views/item.py index 320c001894..ca6a6160af 100644 --- a/cms/djangoapps/contentstore/views/item.py +++ b/cms/djangoapps/contentstore/views/item.py @@ -834,7 +834,7 @@ def create_xblock_info(xblock, data=None, metadata=None, include_ancestor_info=F xblock_info = { "id": unicode(xblock.location), - "display_name": xblock.display_name_with_default, + "display_name": xblock.display_name_with_default_escaped, "category": xblock.category, "edited_on": get_default_time_display(xblock.subtree_edited_on) if xblock.subtree_edited_on else None, "published": published, @@ -1098,4 +1098,4 @@ def _xblock_type_and_display_name(xblock): """ return _('{section_or_subsection} "{display_name}"').format( section_or_subsection=xblock_type_display_name(xblock), - display_name=xblock.display_name_with_default) + display_name=xblock.display_name_with_default_escaped) diff --git a/cms/templates/base.html b/cms/templates/base.html index 6cd3eefd58..5cbd750089 100644 --- a/cms/templates/base.html +++ b/cms/templates/base.html @@ -16,9 +16,9 @@ from openedx.core.lib.js_utils import ( <%block name="title"> | % if context_course: <% ctx_loc = context_course.location %> - ${context_course.display_name_with_default | h} | + ${context_course.display_name_with_default_escaped | h} | % elif context_library: - ${context_library.display_name_with_default | h} | + ${context_library.display_name_with_default_escaped | h} | % endif ${settings.STUDIO_NAME} @@ -81,7 +81,7 @@ from openedx.core.lib.js_utils import ( require(['js/factories/course'], function(CourseFactory) { CourseFactory({ id: "${escape_js_string(context_course.id) | n}", - name: "${context_course.display_name_with_default | h}", + name: "${context_course.display_name_with_default_escaped | h}", url_name: "${context_course.location.name | h}", org: "${context_course.location.org | h}", num: "${context_course.location.course | h}", diff --git a/cms/templates/container.html b/cms/templates/container.html index c44ac74b84..7aafad4c89 100644 --- a/cms/templates/container.html +++ b/cms/templates/container.html @@ -12,7 +12,7 @@ from contentstore.views.helpers import xblock_studio_url, xblock_type_display_na from django.utils.translation import ugettext as _ from openedx.core.lib.js_utils import escape_json_dumps %> -<%block name="title">${xblock.display_name_with_default} ${xblock_type_display_name(xblock) | h} +<%block name="title">${xblock.display_name_with_default_escaped} ${xblock_type_display_name(xblock) | h} <%block name="bodyclass">is-signedin course container view-container <%namespace name='static' file='static_content.html'/> @@ -55,15 +55,15 @@ from openedx.core.lib.js_utils import escape_json_dumps ancestor_url = xblock_studio_url(ancestor) %> % if ancestor_url: - ${ancestor.display_name_with_default | h} + ${ancestor.display_name_with_default_escaped | h} % else: - ${ancestor.display_name_with_default | h} + ${ancestor.display_name_with_default_escaped | h} % endif % endfor
-

${xblock.display_name_with_default | h}

+

${xblock.display_name_with_default_escaped | h}

diff --git a/cms/templates/library.html b/cms/templates/library.html index f55c745ec3..cf8eebcbd7 100644 --- a/cms/templates/library.html +++ b/cms/templates/library.html @@ -5,7 +5,7 @@ from contentstore.views.helpers import xblock_studio_url, xblock_type_display_na from django.utils.translation import ugettext as _ from openedx.core.lib.js_utils import escape_json_dumps %> -<%block name="title">${context_library.display_name_with_default} ${xblock_type_display_name(context_library)} +<%block name="title">${context_library.display_name_with_default_escaped} ${xblock_type_display_name(context_library)} <%block name="bodyclass">is-signedin course container view-container view-library <%namespace name='static' file='static_content.html'/> @@ -45,7 +45,7 @@ from openedx.core.lib.js_utils import escape_json_dumps ${_("Content Library")}
-

${context_library.display_name_with_default}

+

${context_library.display_name_with_default_escaped}

diff --git a/cms/templates/manage_users_lib.html b/cms/templates/manage_users_lib.html index b080c619f2..f0b5f3e1d2 100644 --- a/cms/templates/manage_users_lib.html +++ b/cms/templates/manage_users_lib.html @@ -107,7 +107,7 @@ from openedx.core.lib.js_utils import escape_json_dumps <%block name="requirejs"> require(["js/factories/manage_users_lib"], function(ManageLibraryUsersFactory) { ManageLibraryUsersFactory( - "${context_library.display_name_with_default | h}", + "${context_library.display_name_with_default_escaped | h}", ${escape_json_dumps(users) | n}, "${reverse('contentstore.views.course_team_handler', kwargs={'course_key_string': library_key, 'email': '@@EMAIL@@'})}", ${ request.user.id }, diff --git a/cms/templates/settings.html b/cms/templates/settings.html index 036510de2a..265d2da82b 100644 --- a/cms/templates/settings.html +++ b/cms/templates/settings.html @@ -89,10 +89,10 @@ CMS.URL.UPLOAD_ASSET = '${upload_asset_url}';
  • <% email_subject = urllib.quote(_("Enroll in {course_display_name}").format( - course_display_name = context_course.display_name_with_default + course_display_name = context_course.display_name_with_default_escaped ).encode("utf-8")) email_body = urllib.quote(_('The course "{course_display_name}", provided by {platform_name}, is open for enrollment. Please navigate to this course at {link_for_about_page} to enroll.').format( - course_display_name = context_course.display_name_with_default, + course_display_name = context_course.display_name_with_default_escaped, platform_name = settings.PLATFORM_NAME, link_for_about_page = link_for_about_page ).encode("utf-8")) diff --git a/cms/templates/studio_xblock_wrapper.html b/cms/templates/studio_xblock_wrapper.html index 129f5775b2..fb826bee0d 100644 --- a/cms/templates/studio_xblock_wrapper.html +++ b/cms/templates/studio_xblock_wrapper.html @@ -9,7 +9,7 @@ xblock_url = xblock_studio_url(xblock) show_inline = xblock.has_children and not xblock_url section_class = "level-nesting" if show_inline else "level-element" collapsible_class = "is-collapsible" if xblock.has_children else "" -label = xblock.display_name_with_default or xblock.scope_ids.block_type +label = xblock.display_name_with_default_escaped or xblock.scope_ids.block_type messages = xblock.validate().to_json() %> diff --git a/cms/templates/widgets/header.html b/cms/templates/widgets/header.html index a7b2d2dff6..6f229fe86a 100644 --- a/cms/templates/widgets/header.html +++ b/cms/templates/widgets/header.html @@ -38,7 +38,7 @@ ${_("Current Course:")} ${context_course.display_org_with_default | h}${context_course.display_number_with_default | h} - ${context_course.display_name_with_default} + ${context_course.display_name_with_default_escaped} @@ -141,7 +141,7 @@ ${_("Current Library:")} ${context_library.display_org_with_default | h}${context_library.display_number_with_default | h} - ${context_library.display_name_with_default} + ${context_library.display_name_with_default_escaped} diff --git a/common/djangoapps/course_modes/views.py b/common/djangoapps/course_modes/views.py index 58dbf8839c..ddbf571587 100644 --- a/common/djangoapps/course_modes/views.py +++ b/common/djangoapps/course_modes/views.py @@ -120,7 +120,7 @@ class ChooseModeView(View): "course_modes_choose_url": reverse("course_modes_choose", kwargs={'course_id': course_key.to_deprecated_string()}), "modes": modes, "has_credit_upsell": has_credit_upsell, - "course_name": course.display_name_with_default, + "course_name": course.display_name_with_default_escaped, "course_org": course.display_org_with_default, "course_num": course.display_number_with_default, "chosen_price": chosen_price, diff --git a/common/lib/xmodule/xmodule/annotatable_module.py b/common/lib/xmodule/xmodule/annotatable_module.py index dff30f937a..0799f3cfdd 100644 --- a/common/lib/xmodule/xmodule/annotatable_module.py +++ b/common/lib/xmodule/xmodule/annotatable_module.py @@ -150,7 +150,7 @@ class AnnotatableModule(AnnotatableFields, XModule): def get_html(self): """ Renders parameters to template. """ context = { - 'display_name': self.display_name_with_default, + 'display_name': self.display_name_with_default_escaped, 'element_id': self.element_id, 'instructions_html': self.instructions, 'content_html': self._render_content() diff --git a/common/lib/xmodule/xmodule/capa_base.py b/common/lib/xmodule/xmodule/capa_base.py index e4e7bc3165..64e9729c2a 100644 --- a/common/lib/xmodule/xmodule/capa_base.py +++ b/common/lib/xmodule/xmodule/capa_base.py @@ -658,7 +658,7 @@ class CapaMixin(CapaFields): check_button_checking = False content = { - 'name': self.display_name_with_default, + 'name': self.display_name_with_default_escaped, 'html': html, 'weight': self.weight, } diff --git a/common/lib/xmodule/xmodule/course_metadata_utils.py b/common/lib/xmodule/xmodule/course_metadata_utils.py index 500ef8485f..0a6a3ba73c 100644 --- a/common/lib/xmodule/xmodule/course_metadata_utils.py +++ b/common/lib/xmodule/xmodule/course_metadata_utils.py @@ -57,15 +57,51 @@ def display_name_with_default(course): like to just pass course.display_name and course.url_name as arguments to this function, we can't do so without breaking those tests. + Note: This method no longer escapes as it once did, so the caller must + ensure it is properly escaped where necessary. + Arguments: course (CourseDescriptor|CourseOverview): descriptor or overview of said course. """ - # TODO: Consider changing this to use something like xml.sax.saxutils.escape return ( course.display_name if course.display_name is not None else course.url_name.replace('_', ' ') - ).replace('<', '<').replace('>', '>') + ) + + +def display_name_with_default_escaped(course): + """ + DEPRECATED: use display_name_with_default + + Calculates the display name for a course with some HTML escaping. + This follows the same logic as display_name_with_default, with + the addition of the escaping. + + Here is an example of how to move away from this method in Mako html: + Before: + ${course.display_name_with_default_escaped} + + After: + ${course.display_name_with_default | h} + If the context is Javascript in Mako, you'll need to follow other best practices. + + Note: Switch to display_name_with_default, and ensure the caller + properly escapes where necessary. + + Note: This newly introduced method should not be used. It was only + introduced to enable a quick search/replace and the ability to slowly + migrate and test switching to display_name_with_default, which is no + longer escaped. + + Arguments: + course (CourseDescriptor|CourseOverview): descriptor or overview of + said course. + """ + # This escaping is incomplete. However, rather than switching this to use + # markupsafe.escape() and fixing issues, better to put that energy toward + # migrating away from this method altogether. + return course.display_name_with_default.replace('<', '<').replace('>', '>') def number_for_course_location(location): diff --git a/common/lib/xmodule/xmodule/imageannotation_module.py b/common/lib/xmodule/xmodule/imageannotation_module.py index da0f563548..aa5a0f1ee8 100644 --- a/common/lib/xmodule/xmodule/imageannotation_module.py +++ b/common/lib/xmodule/xmodule/imageannotation_module.py @@ -127,7 +127,7 @@ class ImageAnnotationModule(AnnotatableFields, XModule): def student_view(self, context): """ Renders parameters to template. """ context = { - 'display_name': self.display_name_with_default, + 'display_name': self.display_name_with_default_escaped, 'instructions_html': self.instructions, 'token': retrieve_token(self.user_email, self.annotation_token_secret), 'tag': self.instructor_tags, diff --git a/common/lib/xmodule/xmodule/seq_module.py b/common/lib/xmodule/xmodule/seq_module.py index 6389f36df7..e74ba6dc03 100644 --- a/common/lib/xmodule/xmodule/seq_module.py +++ b/common/lib/xmodule/xmodule/seq_module.py @@ -224,7 +224,7 @@ class SequenceModule(SequenceFields, ProctoringFields, XModule): 'path': " > ".join(display_names + [child.display_name or '']), } if childinfo['title'] == '': - childinfo['title'] = child.display_name_with_default + childinfo['title'] = child.display_name_with_default_escaped contents.append(childinfo) params = { diff --git a/common/lib/xmodule/xmodule/tests/test_course_metadata_utils.py b/common/lib/xmodule/xmodule/tests/test_course_metadata_utils.py index 5e8d4ec203..7feeda2c1a 100644 --- a/common/lib/xmodule/xmodule/tests/test_course_metadata_utils.py +++ b/common/lib/xmodule/xmodule/tests/test_course_metadata_utils.py @@ -11,6 +11,7 @@ from xmodule.course_metadata_utils import ( clean_course_key, url_name_for_course_location, display_name_with_default, + display_name_with_default_escaped, number_for_course_location, has_course_started, has_course_ended, @@ -133,12 +134,18 @@ class CourseMetadataUtilsTestCase(TestCase): TestScenario((self.demo_course.location,), self.demo_course.location.name), TestScenario((self.html_course.location,), self.html_course.location.name), ]), - FunctionTest(display_name_with_default, [ + FunctionTest(display_name_with_default_escaped, [ # Test course with no display name. TestScenario((self.demo_course,), "Empty"), # Test course with a display name that contains characters that need escaping. TestScenario((self.html_course,), "Intro to <html>"), ]), + FunctionTest(display_name_with_default, [ + # Test course with no display name. + TestScenario((self.demo_course,), "Empty"), + # Test course with a display name that contains characters that need escaping. + TestScenario((self.html_course,), "Intro to "), + ]), FunctionTest(number_for_course_location, [ TestScenario((self.demo_course.location,), "DemoX.1"), TestScenario((self.html_course.location,), "CS-203"), diff --git a/common/lib/xmodule/xmodule/textannotation_module.py b/common/lib/xmodule/xmodule/textannotation_module.py index 605e18e5c7..2f447f5229 100644 --- a/common/lib/xmodule/xmodule/textannotation_module.py +++ b/common/lib/xmodule/xmodule/textannotation_module.py @@ -121,7 +121,7 @@ class TextAnnotationModule(AnnotatableFields, XModule): """ Renders parameters to template. """ context = { 'course_key': self.runtime.course_id, - 'display_name': self.display_name_with_default, + 'display_name': self.display_name_with_default_escaped, 'tag': self.instructor_tags, 'source': self.source, 'instructions_html': self.instructions, diff --git a/common/lib/xmodule/xmodule/video_module/video_module.py b/common/lib/xmodule/xmodule/video_module/video_module.py index 85e56d40ad..2bc608bef6 100644 --- a/common/lib/xmodule/xmodule/video_module/video_module.py +++ b/common/lib/xmodule/xmodule/video_module/video_module.py @@ -334,7 +334,7 @@ class VideoModule(VideoFields, VideoTranscriptsMixin, VideoStudentViewHandlers, 'cdn_eval': cdn_eval, 'cdn_exp_group': cdn_exp_group, 'id': self.location.html_id(), - 'display_name': self.display_name_with_default, + 'display_name': self.display_name_with_default_escaped, 'handout': self.handout, 'download_video_link': download_video_link, 'track': track_url, diff --git a/common/lib/xmodule/xmodule/videoannotation_module.py b/common/lib/xmodule/xmodule/videoannotation_module.py index af0fd4ad97..9d3c10efe7 100644 --- a/common/lib/xmodule/xmodule/videoannotation_module.py +++ b/common/lib/xmodule/xmodule/videoannotation_module.py @@ -128,7 +128,7 @@ class VideoAnnotationModule(AnnotatableFields, XModule): context = { 'course_key': self.runtime.course_id, - 'display_name': self.display_name_with_default, + 'display_name': self.display_name_with_default_escaped, 'instructions_html': self.instructions, 'sourceUrl': self.sourceurl, 'typeSource': extension, diff --git a/common/lib/xmodule/xmodule/x_module.py b/common/lib/xmodule/xmodule/x_module.py index 6bea61a777..8060a71004 100644 --- a/common/lib/xmodule/xmodule/x_module.py +++ b/common/lib/xmodule/xmodule/x_module.py @@ -348,6 +348,21 @@ class XModuleMixin(XModuleFields, XBlock): """ return course_metadata_utils.display_name_with_default(self) + @property + def display_name_with_default_escaped(self): + """ + DEPRECATED: use display_name_with_default + + Return an html escaped display name for the module: use display_name if + defined in metadata, otherwise convert the url name. + + Note: This newly introduced method should not be used. It was only + introduced to enable a quick search/replace and the ability to slowly + migrate and test switching to display_name_with_default, which is no + longer escaped. + """ + return course_metadata_utils.display_name_with_default_escaped(self) + @property def xblock_kvs(self): """ @@ -424,7 +439,7 @@ class XModuleMixin(XModuleFields, XBlock): if self.has_children: return sum((child.get_content_titles() for child in self.get_children()), []) else: - return [self.display_name_with_default] + return [self.display_name_with_default_escaped] def get_children(self, usage_id_filter=None, usage_key_filter=None): # pylint: disable=arguments-differ """Returns a list of XBlock instances for the children of diff --git a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedmessage.txt b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedmessage.txt index f6a729cfc1..07ab2f601e 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedmessage.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedmessage.txt @@ -4,7 +4,7 @@ ${_("Dear student,")} ${_("You have been invited to join {course_name} at {site_name} by a " "member of the course staff.").format( - course_name=course.display_name_with_default, + course_name=course.display_name_with_default_escaped, site_name=site_name )} @@ -16,7 +16,7 @@ ${_("To finish your registration, please visit {registration_url} and fill " % if auto_enroll: ${_("Once you have registered and activated your account, you will see " "{course_name} listed on your dashboard.").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} % else: ${_("Once you have registered and activated your account, visit {course_about_url} " diff --git a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedsubject.txt b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedsubject.txt index 6ed7ce61b5..bcd58b1b6c 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedsubject.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_allowedsubject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been invited to register for {course_name}").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledmessage.txt b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledmessage.txt index a0a817473e..d7fe613f0e 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledmessage.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledmessage.txt @@ -5,7 +5,7 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been enrolled in {course_name} at {site_name} by a member " "of the course staff. The course should now appear on your {site_name} " "dashboard.").format( - course_name=course.display_name_with_default, + course_name=course.display_name_with_default_escaped, site_name=site_name )} diff --git a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledsubject.txt b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledsubject.txt index f13675f99a..0252b90451 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledsubject.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/enroll_email_enrolledsubject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been enrolled in {course_name}").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_allowedmessage.txt b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_allowedmessage.txt index 6e3386738e..17f7afc415 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_allowedmessage.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_allowedmessage.txt @@ -4,7 +4,7 @@ ${_("Dear Student,")} ${_("You have been un-enrolled from course {course_name} by a member " "of the course staff. Please disregard the invitation " - "previously sent.").format(course_name=course.display_name_with_default)} + "previously sent.").format(course_name=course.display_name_with_default_escaped)} ---- ${_("This email was automatically sent from {site_name} " diff --git a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_enrolledmessage.txt b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_enrolledmessage.txt index 9a6e5d9161..c9e0463e2a 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_enrolledmessage.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_enrolledmessage.txt @@ -5,13 +5,13 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been un-enrolled in {course_name} at {site_name} by a member " "of the course staff. The course will no longer appear on your " "{site_name} dashboard.").format( - course_name=course.display_name_with_default, site_name=site_name + course_name=course.display_name_with_default_escaped, site_name=site_name )} ${_("Your other courses have not been affected.")} ---- ${_("This email was automatically sent from {site_name} to " - "{full_name}").format( - full_name=full_name, site_name=site_name - )} \ No newline at end of file + "{full_name}").format( + full_name=full_name, site_name=site_name + )} diff --git a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_subject.txt b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_subject.txt index 9dd348e2b6..5be3aad439 100644 --- a/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_subject.txt +++ b/common/test/test_microsites/test_microsite/templates/emails/unenroll_email_subject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been un-enrolled from {course_name}").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/lms/djangoapps/course_api/serializers.py b/lms/djangoapps/course_api/serializers.py index 3394044ccb..6504e7dfbc 100644 --- a/lms/djangoapps/course_api/serializers.py +++ b/lms/djangoapps/course_api/serializers.py @@ -39,7 +39,7 @@ class CourseSerializer(serializers.Serializer): # pylint: disable=abstract-meth """ course_id = serializers.CharField(source='id', read_only=True) - name = serializers.CharField(source='display_name_with_default') + name = serializers.CharField(source='display_name_with_default_escaped') number = serializers.CharField(source='display_number_with_default') org = serializers.CharField(source='display_org_with_default') short_description = serializers.CharField() diff --git a/lms/djangoapps/course_wiki/views.py b/lms/djangoapps/course_wiki/views.py index e75abca2c9..06dfc63bca 100644 --- a/lms/djangoapps/course_wiki/views.py +++ b/lms/djangoapps/course_wiki/views.py @@ -89,7 +89,7 @@ def course_wiki_redirect(request, course_id): # pylint: disable=unused-argument # Translators: this string includes wiki markup. Leave the ** and the _ alone. _("This is the wiki for **{organization}**'s _{course_name}_.").format( organization=course.display_org_with_default, - course_name=course.display_name_with_default, + course_name=course.display_name_with_default_escaped, ) ) urlpath = URLPath.create_article( diff --git a/lms/djangoapps/courseware/features/common.py b/lms/djangoapps/courseware/features/common.py index f00e3cca0b..832fb46173 100644 --- a/lms/djangoapps/courseware/features/common.py +++ b/lms/djangoapps/courseware/features/common.py @@ -223,9 +223,9 @@ def get_courseware_with_tabs(course_id): course = get_course_by_id(course_id) chapters = [chapter for chapter in course.get_children() if not chapter.hide_from_toc] courseware = [{ - 'chapter_name': c.display_name_with_default, + 'chapter_name': c.display_name_with_default_escaped, 'sections': [{ - 'section_name': s.display_name_with_default, + 'section_name': s.display_name_with_default_escaped, 'clickable_tab_count': len(s.get_children()) if (type(s) == seq_module.SequenceDescriptor) else 0, 'tabs': [{ 'children_count': len(t.get_children()) if (type(t) == vertical_block.VerticalBlock) else 0, diff --git a/lms/djangoapps/courseware/grades.py b/lms/djangoapps/courseware/grades.py index 1becdeb04b..c651109c21 100644 --- a/lms/djangoapps/courseware/grades.py +++ b/lms/djangoapps/courseware/grades.py @@ -247,7 +247,7 @@ def answer_distributions(course_key): problem_store = modulestore() if usage_key not in state_keys_to_problem_info: problem = problem_store.get_item(usage_key) - problem_info = (problem.url_name, problem.display_name_with_default) + problem_info = (problem.url_name, problem.display_name_with_default_escaped) state_keys_to_problem_info[usage_key] = problem_info return state_keys_to_problem_info[usage_key] @@ -374,7 +374,7 @@ def _grade(student, request, course, keep_raw_scores, field_data_cache, scores_c format_scores = [] for section in sections: section_descriptor = section['section_descriptor'] - section_name = section_descriptor.display_name_with_default + section_name = section_descriptor.display_name_with_default_escaped with outer_atomic(): # some problems have state that is updated independently of interaction @@ -449,7 +449,7 @@ def _grade(student, request, course, keep_raw_scores, field_data_cache, scores_c correct, total, graded, - module_descriptor.display_name_with_default, + module_descriptor.display_name_with_default_escaped, module_descriptor.location ) ) @@ -629,7 +629,7 @@ def _progress_summary(student, request, course, field_data_cache=None, scores_cl correct, total, graded, - module_descriptor.display_name_with_default, + module_descriptor.display_name_with_default_escaped, module_descriptor.location ) @@ -638,11 +638,11 @@ def _progress_summary(student, request, course, field_data_cache=None, scores_cl scores.reverse() section_total, _ = graders.aggregate_scores( - scores, section_module.display_name_with_default) + scores, section_module.display_name_with_default_escaped) module_format = section_module.format if section_module.format is not None else '' sections.append({ - 'display_name': section_module.display_name_with_default, + 'display_name': section_module.display_name_with_default_escaped, 'url_name': section_module.url_name, 'scores': scores, 'section_total': section_total, @@ -652,8 +652,8 @@ def _progress_summary(student, request, course, field_data_cache=None, scores_cl }) chapters.append({ - 'course': course.display_name_with_default, - 'display_name': chapter_module.display_name_with_default, + 'course': course.display_name_with_default_escaped, + 'display_name': chapter_module.display_name_with_default_escaped, 'url_name': chapter_module.url_name, 'sections': sections }) diff --git a/lms/djangoapps/courseware/module_render.py b/lms/djangoapps/courseware/module_render.py index 25a74b6d69..b18f94ae7f 100644 --- a/lms/djangoapps/courseware/module_render.py +++ b/lms/djangoapps/courseware/module_render.py @@ -166,7 +166,7 @@ def toc_for_course(user, request, course, active_chapter, active_section, field_ for chapter in chapters: # Only show required content, if there is required content # chapter.hide_from_toc is read-only (boo) - display_id = slugify(chapter.display_name_with_default) + display_id = slugify(chapter.display_name_with_default_escaped) local_hide_from_toc = False if required_content: if unicode(chapter.location) not in required_content: @@ -184,7 +184,7 @@ def toc_for_course(user, request, course, active_chapter, active_section, field_ if not section.hide_from_toc: section_context = { - 'display_name': section.display_name_with_default, + 'display_name': section.display_name_with_default_escaped, 'url_name': section.url_name, 'format': section.format if section.format is not None else '', 'due': section.due, @@ -247,7 +247,7 @@ def toc_for_course(user, request, course, active_chapter, active_section, field_ sections.append(section_context) toc_chapters.append({ - 'display_name': chapter.display_name_with_default, + 'display_name': chapter.display_name_with_default_escaped, 'display_id': display_id, 'url_name': chapter.url_name, 'sections': sections, @@ -941,7 +941,7 @@ def get_module_by_usage_id(request, course_id, usage_id, disable_staff_debug_inf tracking_context = { 'module': { - 'display_name': descriptor.display_name_with_default, + 'display_name': descriptor.display_name_with_default_escaped, 'usage_key': unicode(descriptor.location), } } diff --git a/lms/djangoapps/courseware/views.py b/lms/djangoapps/courseware/views.py index 2638bda9e8..981b0b6a7a 100644 --- a/lms/djangoapps/courseware/views.py +++ b/lms/djangoapps/courseware/views.py @@ -427,7 +427,7 @@ def _index_bulk_op(request, course_key, chapter, section, position): context = { 'csrf': csrf(request)['csrf_token'], 'accordion': render_accordion(user, request, course, chapter, section, field_data_cache), - 'COURSE_TITLE': course.display_name_with_default, + 'COURSE_TITLE': course.display_name_with_default_escaped, 'course': course, 'init': '', 'fragment': Fragment(), @@ -539,7 +539,7 @@ def _index_bulk_op(request, course_key, chapter, section, position): save_child_position(chapter_module, section) section_render_context = {'activate_block_id': request.GET.get('activate_block_id')} context['fragment'] = section_module.render(STUDENT_VIEW, section_render_context) - context['section_title'] = section_descriptor.display_name_with_default + context['section_title'] = section_descriptor.display_name_with_default_escaped else: # section is none, so display a message studio_url = get_studio_url(course, 'course') diff --git a/lms/djangoapps/edxnotes/helpers.py b/lms/djangoapps/edxnotes/helpers.py index 1f05863716..61cd678192 100644 --- a/lms/djangoapps/edxnotes/helpers.py +++ b/lms/djangoapps/edxnotes/helpers.py @@ -207,7 +207,7 @@ def get_module_context(course, item): """ item_dict = { 'location': unicode(item.location), - 'display_name': item.display_name_with_default, + 'display_name': item.display_name_with_default_escaped, } if item.category == 'chapter' and item.get_parent(): # course is a locator w/o branch and version @@ -328,7 +328,7 @@ def get_course_position(course_module): urlargs['chapter'] = chapter.url_name if course_module.position is not None: return { - 'display_name': chapter.display_name_with_default, + 'display_name': chapter.display_name_with_default_escaped, 'url': reverse('courseware_chapter', kwargs=urlargs), } @@ -340,7 +340,7 @@ def get_course_position(course_module): urlargs['section'] = section.url_name return { - 'display_name': section.display_name_with_default, + 'display_name': section.display_name_with_default_escaped, 'url': reverse('courseware_section', kwargs=urlargs) } diff --git a/lms/djangoapps/edxnotes/tests.py b/lms/djangoapps/edxnotes/tests.py index 07e905d252..be7637667f 100644 --- a/lms/djangoapps/edxnotes/tests.py +++ b/lms/djangoapps/edxnotes/tests.py @@ -301,19 +301,19 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [unicode(self.vertical.location), unicode(self.vertical_with_container.location)] }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_2.location), @@ -323,13 +323,13 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [ unicode(self.vertical.location), @@ -337,7 +337,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_1.location), @@ -394,13 +394,13 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [ unicode(self.vertical.location), @@ -408,7 +408,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_2.location), @@ -418,13 +418,13 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [ unicode(self.vertical.location), @@ -432,7 +432,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_1.location), @@ -492,19 +492,19 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"test <script>alert('test')</script>", u"text": u'text "<>&\'', u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [unicode(self.vertical.location), unicode(self.vertical_with_container.location)] }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_1.location), @@ -537,19 +537,19 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [unicode(self.vertical.location), unicode(self.vertical_with_container.location)] }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_1.location), @@ -583,19 +583,19 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): u"quote": u"quote text", u"text": u"text", u"chapter": { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)] }, u"section": { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [unicode(self.vertical.location), unicode(self.vertical_with_container.location)] }, u"unit": { u"url": self._get_unit_url(self.course, self.chapter, self.sequential), - u"display_name": self.vertical.display_name_with_default, + u"display_name": self.vertical.display_name_with_default_escaped, u"location": unicode(self.vertical.location), }, u"usage_id": unicode(self.html_module_1.location), @@ -646,7 +646,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): """ self.assertDictEqual( { - u"display_name": self.sequential.display_name_with_default, + u"display_name": self.sequential.display_name_with_default_escaped, u"location": unicode(self.sequential.location), u"children": [unicode(self.vertical.location), unicode(self.vertical_with_container.location)], }, @@ -659,7 +659,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): """ self.assertDictEqual( { - u"display_name": self.html_module_1.display_name_with_default, + u"display_name": self.html_module_1.display_name_with_default_escaped, u"location": unicode(self.html_module_1.location), }, helpers.get_module_context(self.course, self.html_module_1) @@ -671,7 +671,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): """ self.assertDictEqual( { - u"display_name": self.chapter.display_name_with_default, + u"display_name": self.chapter.display_name_with_default_escaped, u"index": 0, u"location": unicode(self.chapter.location), u"children": [unicode(self.sequential.location)], @@ -680,7 +680,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): ) self.assertDictEqual( { - u"display_name": self.chapter_2.display_name_with_default, + u"display_name": self.chapter_2.display_name_with_default_escaped, u"index": 1, u"location": unicode(self.chapter_2.location), u"children": [], @@ -760,7 +760,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): mock_chapter = MagicMock() mock_chapter.url_name = 'chapter_url_name' - mock_chapter.display_name_with_default = 'Test Chapter Display Name' + mock_chapter.display_name_with_default_escaped = 'Test Chapter Display Name' mock_course_module.get_display_items.return_value = [mock_chapter] @@ -790,7 +790,7 @@ class EdxNotesHelpersTest(ModuleStoreTestCase): mock_section = MagicMock() mock_section.url_name = 'section_url_name' - mock_section.display_name_with_default = 'Test Section Display Name' + mock_section.display_name_with_default_escaped = 'Test Section Display Name' mock_chapter.get_display_items.return_value = [mock_section] mock_section.get_display_items.return_value = [MagicMock()] diff --git a/lms/djangoapps/instructor/enrollment.py b/lms/djangoapps/instructor/enrollment.py index 31f0f3ff25..d2f288ae6e 100644 --- a/lms/djangoapps/instructor/enrollment.py +++ b/lms/djangoapps/instructor/enrollment.py @@ -281,7 +281,7 @@ def get_email_params(course, auto_enroll, secure=True, course_key=None, display_ protocol = 'https' if secure else 'http' course_key = course_key or course.id.to_deprecated_string() - display_name = display_name or course.display_name_with_default + display_name = display_name or course.display_name_with_default_escaped stripped_site_name = microsite.get_value( 'SITE_NAME', diff --git a/lms/djangoapps/lms_migration/migrate.py b/lms/djangoapps/lms_migration/migrate.py index 55b3ec1520..e3a6751b0d 100644 --- a/lms/djangoapps/lms_migration/migrate.py +++ b/lms/djangoapps/lms_migration/migrate.py @@ -132,7 +132,7 @@ def manage_modulestores(request, reload_dir=None, commit_id=None): for cdir, course in def_ms.courses.items(): html += '
    ' - html += '

    Course: %s (%s)

    ' % (course.display_name_with_default, cdir) + html += '

    Course: %s (%s)

    ' % (course.display_name_with_default_escaped, cdir) html += '

    commit_id=%s

    ' % get_commit_id(course) diff --git a/lms/djangoapps/mobile_api/video_outlines/serializers.py b/lms/djangoapps/mobile_api/video_outlines/serializers.py index 90fcb4929e..f1eb5a813b 100644 --- a/lms/djangoapps/mobile_api/video_outlines/serializers.py +++ b/lms/djangoapps/mobile_api/video_outlines/serializers.py @@ -107,7 +107,7 @@ def path(block, child_to_parent, start_block): if block is not start_block: block_path.append({ # to be consistent with other edx-platform clients, return the defaulted display name - 'name': block.display_name_with_default, + 'name': block.display_name_with_default_escaped, 'category': block.category, 'id': unicode(block.location) }) diff --git a/lms/djangoapps/shoppingcart/models.py b/lms/djangoapps/shoppingcart/models.py index ae74ee9d46..eab56dec8d 100644 --- a/lms/djangoapps/shoppingcart/models.py +++ b/lms/djangoapps/shoppingcart/models.py @@ -1578,7 +1578,7 @@ class PaidCourseRegistration(OrderItem): item.unit_cost = cost item.list_price = cost item.line_desc = _(u'Registration for Course: {course_name}').format( - course_name=course.display_name_with_default) + course_name=course.display_name_with_default_escaped) item.currency = currency order.currency = currency item.report_comments = item.csv_report_comments @@ -1755,7 +1755,7 @@ class CourseRegCodeItem(OrderItem): item.list_price = cost item.qty = qty item.line_desc = _(u'Enrollment codes for Course: {course_name}').format( - course_name=course.display_name_with_default) + course_name=course.display_name_with_default_escaped) item.currency = currency order.currency = currency item.report_comments = item.csv_report_comments diff --git a/lms/djangoapps/shoppingcart/reports.py b/lms/djangoapps/shoppingcart/reports.py index 997997a37c..a7319ceff9 100644 --- a/lms/djangoapps/shoppingcart/reports.py +++ b/lms/djangoapps/shoppingcart/reports.py @@ -157,7 +157,8 @@ class CertificateStatusReport(Report): # it in the report. These comparisons are unicode-safe. cur_course = get_course_by_id(course_id) university = cur_course.org - course = cur_course.number + " " + cur_course.display_name_with_default # TODO add term (i.e. Fall 2013)? + # TODO add term (i.e. Fall 2013) to course? + course = cur_course.number + " " + cur_course.display_name_with_default_escaped counts = CourseEnrollment.objects.enrollment_counts(course_id) total_enrolled = counts['total'] audit_enrolled = counts['audit'] @@ -237,7 +238,7 @@ class UniversityRevenueShareReport(Report): for course_id in course_ids_between(self.start_word, self.end_word): cur_course = get_course_by_id(course_id) university = cur_course.org - course = cur_course.number + " " + cur_course.display_name_with_default + course = cur_course.number + " " + cur_course.display_name_with_default_escaped total_payments_collected = CertificateItem.verified_certificates_monetary_field_sum(course_id, 'purchased', 'unit_cost') service_fees = CertificateItem.verified_certificates_monetary_field_sum(course_id, 'purchased', 'service_fee') num_refunds = CertificateItem.verified_certificates_count(course_id, "refunded") diff --git a/lms/djangoapps/verify_student/tests/test_views.py b/lms/djangoapps/verify_student/tests/test_views.py index df0eb464d7..d1c8731855 100644 --- a/lms/djangoapps/verify_student/tests/test_views.py +++ b/lms/djangoapps/verify_student/tests/test_views.py @@ -2297,7 +2297,7 @@ class TestEmailMessageWithCustomICRVBlock(ModuleStoreTestCase): "We have successfully verified your identity for the {assessment} " "assessment in the {course_name} course.".format( assessment=self.assessment, - course_name=self.course.display_name_with_default + course_name=self.course.display_name_with_default_escaped ), body ) @@ -2316,7 +2316,7 @@ class TestEmailMessageWithCustomICRVBlock(ModuleStoreTestCase): "in the {course_name} course. You have used " "{used_attempts} out of {allowed_attempts} attempts to " "verify your identity".format( - course_name=self.course.display_name_with_default, + course_name=self.course.display_name_with_default_escaped, assessment=self.assessment, used_attempts=1, allowed_attempts=self.allowed_attempts + 1 @@ -2361,7 +2361,7 @@ class TestEmailMessageWithCustomICRVBlock(ModuleStoreTestCase): "{used_attempts} out of {allowed_attempts} attempts to " "verify your identity, and verification is no longer " "possible".format( - course_name=self.course.display_name_with_default, + course_name=self.course.display_name_with_default_escaped, assessment=self.assessment, used_attempts=2, allowed_attempts=self.allowed_attempts + 1 @@ -2385,7 +2385,7 @@ class TestEmailMessageWithCustomICRVBlock(ModuleStoreTestCase): "{used_attempts} out of {allowed_attempts} attempts to " "verify your identity, and verification is no longer " "possible".format( - course_name=self.course.display_name_with_default, + course_name=self.course.display_name_with_default_escaped, assessment=self.assessment, used_attempts=1, allowed_attempts=self.allowed_attempts + 1 @@ -2494,7 +2494,7 @@ class TestEmailMessageWithDefaultICRVBlock(ModuleStoreTestCase): "{used_attempts} out of {allowed_attempts} attempts to " "verify your identity, and verification is no longer " "possible".format( - course_name=self.course.display_name_with_default, + course_name=self.course.display_name_with_default_escaped, assessment=self.assessment, used_attempts=1, allowed_attempts=1 diff --git a/lms/djangoapps/verify_student/views.py b/lms/djangoapps/verify_student/views.py index b1d124f975..cbaca23abe 100644 --- a/lms/djangoapps/verify_student/views.py +++ b/lms/djangoapps/verify_student/views.py @@ -1150,7 +1150,7 @@ def _compose_message_reverification_email( subject = "Re-verification Status" context = { "status": status, - "course_name": course.display_name_with_default, + "course_name": course.display_name_with_default_escaped, "assessment": reverification_block.related_assessment } @@ -1431,7 +1431,7 @@ class InCourseReverifyView(View): context = { 'course_key': unicode(course_key), - 'course_name': course.display_name_with_default, + 'course_name': course.display_name_with_default_escaped, 'checkpoint_name': checkpoint.checkpoint_name, 'platform_name': settings.PLATFORM_NAME, 'usage_id': usage_id, diff --git a/lms/templates/conditional_module.html b/lms/templates/conditional_module.html index fa4b7f3a68..6b6c1429ea 100644 --- a/lms/templates/conditional_module.html +++ b/lms/templates/conditional_module.html @@ -6,7 +6,7 @@ def _message(reqm, message): return message.format(link="{url_name}".format( url = reverse('jump_to', kwargs=dict(course_id=reqm.course_id.to_deprecated_string(), location=reqm.location.to_deprecated_string())), - url_name = reqm.display_name_with_default)) + url_name = reqm.display_name_with_default_escaped)) %> % if message: % for reqm in module.required_modules: diff --git a/lms/templates/course.html b/lms/templates/course.html index 8fffd9b262..324194fe52 100644 --- a/lms/templates/course.html +++ b/lms/templates/course.html @@ -4,11 +4,11 @@ from django.utils.translation import ugettext as _ from django.core.urlresolvers import reverse %> <%page args="course" /> -
    +
    - ${course.display_name_with_default} ${course.display_number_with_default | h} + ${course.display_name_with_default_escaped} ${course.display_number_with_default | h}
    @@ -16,7 +16,7 @@ from django.core.urlresolvers import reverse

    ${course.display_org_with_default | h} ${course.display_number_with_default | h} - ${course.display_name_with_default} + ${course.display_name_with_default_escaped}

    diff --git a/lms/templates/courseware/course_about.html b/lms/templates/courseware/course_about.html index e16259e3e4..dbddd8a5c1 100644 --- a/lms/templates/courseware/course_about.html +++ b/lms/templates/courseware/course_about.html @@ -13,7 +13,7 @@ from openedx.core.lib.courses import course_image_url <%block name="headextra"> ## OG (Open Graph) title and description added below to give social media info to display ## (https://developers.facebook.com/docs/opengraph/howtos/maximizing-distribution-media-content#tags) - + @@ -102,7 +102,7 @@ from openedx.core.lib.courses import course_image_url -<%block name="pagetitle">${course.display_name_with_default} +<%block name="pagetitle">${course.display_name_with_default_escaped}
    @@ -111,7 +111,7 @@ from openedx.core.lib.courses import course_image_url

    - ${course.display_name_with_default} + ${course.display_name_with_default_escaped} % if not self.theme_enabled(): ${course.display_org_with_default | h} % endif @@ -220,10 +220,10 @@ from openedx.core.lib.courses import course_image_url ## or something allowing themes to do whatever they ## want here (and on this whole page, really). % if self.stanford_theme_enabled(): - - % else: @@ -235,7 +235,7 @@ from openedx.core.lib.courses import course_image_url ## Twitter account. {url} should appear at the end of the text. tweet_text = _("I just enrolled in {number} {title} through {account}: {url}").format( number=course.number, - title=course.display_name_with_default, + title=course.display_name_with_default_escaped, account=microsite.get_value('course_about_twitter_account', settings.PLATFORM_TWITTER_ACCOUNT), url=u"http://{domain}{path}".format( domain=site_domain, @@ -250,7 +250,7 @@ from openedx.core.lib.courses import course_image_url subject=_("Take a course with {platform} online").format(platform=platform_name), body=_("I just enrolled in {number} {title} through {platform} {url}").format( number=course.number, - title=course.display_name_with_default, + title=course.display_name_with_default_escaped, platform=platform_name, url=u"http://{domain}{path}".format( domain=site_domain, diff --git a/lms/templates/courseware/welcome-back.html b/lms/templates/courseware/welcome-back.html index 8ce0631c7a..47422eab6f 100644 --- a/lms/templates/courseware/welcome-back.html +++ b/lms/templates/courseware/welcome-back.html @@ -2,11 +2,11 @@ from django.utils.translation import ugettext as _ %> -

    ${chapter_module.display_name_with_default}

    +

    ${chapter_module.display_name_with_default_escaped}

    ${_("You were most recently in {section_link}. If you\'re done with that, choose another section on the left.").format( section_link=u'{section_name}'.format( url=prev_section_url, - section_name=prev_section.display_name_with_default, + section_name=prev_section.display_name_with_default_escaped, ) )}

    diff --git a/lms/templates/dashboard/_dashboard_course_listing.html b/lms/templates/dashboard/_dashboard_course_listing.html index cab9f83c66..1852a21db2 100644 --- a/lms/templates/dashboard/_dashboard_course_listing.html +++ b/lms/templates/dashboard/_dashboard_course_listing.html @@ -63,16 +63,16 @@ from student.helpers import ( % if show_courseware_link: % if not is_course_blocked: - ${_('{course_number} {course_name} Home Page').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default) |h} + ${_('{course_number} {course_name} Home Page').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default_escaped) |h} % else: - ${_('{course_number} {course_name} Cover Image').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default) |h} + ${_('{course_number} {course_name} Cover Image').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default_escaped) |h} % endif % else: - ${_('{course_number} {course_name} Cover Image').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default) | h} + ${_('{course_number} {course_name} Cover Image').format(course_number=course_overview.number, course_name=course_overview.display_name_with_default_escaped) | h} % endif % if settings.FEATURES.get('ENABLE_VERIFIED_CERTIFICATES') and course_verified_certs.get('display_mode') != 'audit': @@ -89,12 +89,12 @@ from student.helpers import (

    % if show_courseware_link: % if not is_course_blocked: - ${course_overview.display_name_with_default} + ${course_overview.display_name_with_default_escaped} % else: - ${course_overview.display_name_with_default} + ${course_overview.display_name_with_default_escaped} % endif % else: - ${course_overview.display_name_with_default} + ${course_overview.display_name_with_default_escaped} % endif

    @@ -119,15 +119,15 @@ from student.helpers import ( % if show_courseware_link: % if course_overview.has_ended(): % if not is_course_blocked: - ${_('View Archived Course')} ${course_overview.display_name_with_default} + ${_('View Archived Course')} ${course_overview.display_name_with_default_escaped} % else: - ${_('View Archived Course')} ${course_overview.display_name_with_default} + ${_('View Archived Course')} ${course_overview.display_name_with_default_escaped} % endif % else: % if not is_course_blocked: - ${_('View Course')} ${course_overview.display_name_with_default} + ${_('View Course')} ${course_overview.display_name_with_default_escaped} % else: - ${_('View Course')} ${course_overview.display_name_with_default} + ${_('View Course')} ${course_overview.display_name_with_default_escaped} % endif % endif @@ -178,7 +178,7 @@ from student.helpers import ( % endif % endif
    - @@ -188,13 +188,13 @@ from student.helpers import (
  • % if is_paid_course and show_refund_option: % if not is_course_blocked: - ${_('Unenroll')} % else: - ${_('Unenroll')} @@ -202,13 +202,13 @@ from student.helpers import ( % endif % elif is_paid_course and not show_refund_option: % if not is_course_blocked: - ${_('Unenroll')} % else: - ${_('Unenroll')} @@ -216,25 +216,25 @@ from student.helpers import ( % endif % elif enrollment.mode != "verified": % if not is_course_blocked: - ${_('Unenroll')} % else: - ${_('Unenroll')} % endif % elif show_refund_option: % if not is_course_blocked: - ${_('Unenroll')} % else: - ${_('Unenroll')} @@ -242,13 +242,13 @@ from student.helpers import ( % endif % else: % if not is_course_blocked: - ${_('Unenroll')} % else: - ${_('Unenroll')} @@ -360,7 +360,7 @@ from student.helpers import ( 'href="#unenroll-modal">'.format( course_id=escape(course_overview.id), course_number=escape(course_overview.number), - course_name=escape(course_overview.display_name_with_default), + course_name=escape(course_overview.display_name_with_default_escaped), ) ), unenroll_link_end="", diff --git a/lms/templates/discussion/index.html b/lms/templates/discussion/index.html index 3be7b41ab3..465f34d2c9 100644 --- a/lms/templates/discussion/index.html +++ b/lms/templates/discussion/index.html @@ -28,7 +28,7 @@ from django.core.urlresolvers import reverse
    -
    +
    • diff --git a/lms/templates/emails/account_creation_and_enroll_emailMessage.txt b/lms/templates/emails/account_creation_and_enroll_emailMessage.txt index 364a8f6f2f..0d88ebe34d 100644 --- a/lms/templates/emails/account_creation_and_enroll_emailMessage.txt +++ b/lms/templates/emails/account_creation_and_enroll_emailMessage.txt @@ -1,6 +1,6 @@ <%! from django.utils.translation import ugettext as _ %> -${_("Welcome to {course_name}").format(course_name=course.display_name_with_default)} +${_("Welcome to {course_name}").format(course_name=course.display_name_with_default_escaped)} ${_("To get started, please visit https://{site_name}. The login information for your account follows.").format(site_name=site_name)} @@ -11,4 +11,4 @@ ${_("It is recommended that you change your password.")} ${_("Sincerely yours," "" -"The {course_name} Team").format(course_name=course.display_name_with_default)} +"The {course_name} Team").format(course_name=course.display_name_with_default_escaped)} diff --git a/lms/templates/emails/add_beta_tester_email_message.txt b/lms/templates/emails/add_beta_tester_email_message.txt index 5d7d336ae2..9c544bda32 100644 --- a/lms/templates/emails/add_beta_tester_email_message.txt +++ b/lms/templates/emails/add_beta_tester_email_message.txt @@ -4,7 +4,7 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been invited to be a beta tester for {course_name} at {site_name} by a " "member of the course staff.").format( - course_name=course.display_name_with_default, + course_name=course.display_name_with_default_escaped, site_name=site_name )} diff --git a/lms/templates/emails/add_beta_tester_email_subject.txt b/lms/templates/emails/add_beta_tester_email_subject.txt index e147d87bad..eee3f83a8d 100644 --- a/lms/templates/emails/add_beta_tester_email_subject.txt +++ b/lms/templates/emails/add_beta_tester_email_subject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been invited to a beta test for {course_name}").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} diff --git a/lms/templates/emails/enroll_email_allowedmessage.txt b/lms/templates/emails/enroll_email_allowedmessage.txt index 8a24dedde0..8f120a10f2 100644 --- a/lms/templates/emails/enroll_email_allowedmessage.txt +++ b/lms/templates/emails/enroll_email_allowedmessage.txt @@ -4,7 +4,7 @@ ${_("Dear student,")} ${_("You have been invited to join {course_name} at {site_name} by a " "member of the course staff.").format( - course_name=display_name or course.display_name_with_default, + course_name=display_name or course.display_name_with_default_escaped, site_name=site_name )} % if is_shib_course: @@ -26,13 +26,13 @@ ${_("To finish your registration, please visit {registration_url} and fill " % if auto_enroll: ${_("Once you have registered and activated your account, you will see " "{course_name} listed on your dashboard.").format( - course_name=display_name or course.display_name_with_default + course_name=display_name or course.display_name_with_default_escaped )} % elif course_about_url is not None: ${_("Once you have registered and activated your account, visit {course_about_url} " "to join the course.").format(course_about_url=course_about_url)} % else: -${_("You can then enroll in {course_name}.").format(course_name=display_name or course.display_name_with_default)} +${_("You can then enroll in {course_name}.").format(course_name=display_name or course.display_name_with_default_escaped)} % endif % endif diff --git a/lms/templates/emails/enroll_email_allowedsubject.txt b/lms/templates/emails/enroll_email_allowedsubject.txt index 186b84b9ce..3a9df2271c 100644 --- a/lms/templates/emails/enroll_email_allowedsubject.txt +++ b/lms/templates/emails/enroll_email_allowedsubject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been invited to register for {course_name}").format( - course_name=display_name or course.display_name_with_default + course_name=display_name or course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/lms/templates/emails/enroll_email_enrolledmessage.txt b/lms/templates/emails/enroll_email_enrolledmessage.txt index 2fe1bcb236..cc40568280 100644 --- a/lms/templates/emails/enroll_email_enrolledmessage.txt +++ b/lms/templates/emails/enroll_email_enrolledmessage.txt @@ -5,7 +5,7 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been enrolled in {course_name} at {site_name} by a member " "of the course staff. The course should now appear on your {site_name} " "dashboard.").format( - course_name=display_name or course.display_name_with_default, + course_name=display_name or course.display_name_with_default_escaped, site_name=site_name )} diff --git a/lms/templates/emails/enroll_email_enrolledsubject.txt b/lms/templates/emails/enroll_email_enrolledsubject.txt index accb21886e..7774aac1cc 100644 --- a/lms/templates/emails/enroll_email_enrolledsubject.txt +++ b/lms/templates/emails/enroll_email_enrolledsubject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been enrolled in {course_name}").format( - course_name=display_name or course.display_name_with_default + course_name=display_name or course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/lms/templates/emails/remove_beta_tester_email_message.txt b/lms/templates/emails/remove_beta_tester_email_message.txt index 3a7b4df827..6bcfa51de8 100644 --- a/lms/templates/emails/remove_beta_tester_email_message.txt +++ b/lms/templates/emails/remove_beta_tester_email_message.txt @@ -5,7 +5,7 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been removed as a beta tester for {course_name} at {site_name} by a " "member of the course staff. The course will remain on your dashboard, but " "you will no longer be part of the beta testing group.").format( - course_name=course.display_name_with_default, + course_name=course.display_name_with_default_escaped, site_name=site_name )} diff --git a/lms/templates/emails/remove_beta_tester_email_subject.txt b/lms/templates/emails/remove_beta_tester_email_subject.txt index c81f606f8d..47cb095026 100644 --- a/lms/templates/emails/remove_beta_tester_email_subject.txt +++ b/lms/templates/emails/remove_beta_tester_email_subject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been removed from a beta test for {course_name}").format( - course_name=course.display_name_with_default + course_name=course.display_name_with_default_escaped )} diff --git a/lms/templates/emails/unenroll_email_allowedmessage.txt b/lms/templates/emails/unenroll_email_allowedmessage.txt index f42786ff49..5b2524a046 100644 --- a/lms/templates/emails/unenroll_email_allowedmessage.txt +++ b/lms/templates/emails/unenroll_email_allowedmessage.txt @@ -4,7 +4,7 @@ ${_("Dear Student,")} ${_("You have been un-enrolled from course {course_name} by a member " "of the course staff. Please disregard the invitation " - "previously sent.").format(course_name=display_name or course.display_name_with_default)} + "previously sent.").format(course_name=display_name or course.display_name_with_default_escaped)} ---- ${_("This email was automatically sent from {site_name} " diff --git a/lms/templates/emails/unenroll_email_enrolledmessage.txt b/lms/templates/emails/unenroll_email_enrolledmessage.txt index a74e167758..1dee0a64ae 100644 --- a/lms/templates/emails/unenroll_email_enrolledmessage.txt +++ b/lms/templates/emails/unenroll_email_enrolledmessage.txt @@ -5,13 +5,13 @@ ${_("Dear {full_name}").format(full_name=full_name)} ${_("You have been un-enrolled in {course_name} at {site_name} by a member " "of the course staff. The course will no longer appear on your " "{site_name} dashboard.").format( - course_name=display_name or course.display_name_with_default, site_name=site_name + course_name=display_name or course.display_name_with_default_escaped, site_name=site_name )} ${_("Your other courses have not been affected.")} ---- ${_("This email was automatically sent from {site_name} to " - "{full_name}").format( - full_name=full_name, site_name=site_name - )} \ No newline at end of file + "{full_name}").format( + full_name=full_name, site_name=site_name + )} diff --git a/lms/templates/emails/unenroll_email_subject.txt b/lms/templates/emails/unenroll_email_subject.txt index 65028ff7fe..1db012d9e7 100644 --- a/lms/templates/emails/unenroll_email_subject.txt +++ b/lms/templates/emails/unenroll_email_subject.txt @@ -1,5 +1,5 @@ <%! from django.utils.translation import ugettext as _ %> ${_("You have been un-enrolled from {course_name}").format( - course_name=display_name or course.display_name_with_default + course_name=display_name or course.display_name_with_default_escaped )} \ No newline at end of file diff --git a/lms/templates/navigation-edx.html b/lms/templates/navigation-edx.html index 9cf013f017..553ae3f7a7 100644 --- a/lms/templates/navigation-edx.html +++ b/lms/templates/navigation-edx.html @@ -50,7 +50,7 @@ site_status_msg = get_site_status_msg(course_id)

    ${course.display_org_with_default | h}: ${course.display_number_with_default | h} - ${course.display_name_with_default} + ${course.display_name_with_default_escaped}

    % endif diff --git a/lms/templates/navigation.html b/lms/templates/navigation.html index 871fa0da7c..5926984e04 100644 --- a/lms/templates/navigation.html +++ b/lms/templates/navigation.html @@ -51,7 +51,7 @@ site_status_msg = get_site_status_msg(course_id)

    ${course.display_org_with_default | h}: ${course.display_number_with_default | h} <% - display_name = course.display_name_with_default + display_name = course.display_name_with_default_escaped if settings.FEATURES.get('CUSTOM_COURSES_EDX', False): ccx = get_current_ccx(course.id) if ccx: diff --git a/lms/templates/shoppingcart/receipt.html b/lms/templates/shoppingcart/receipt.html index 6bccd94cc7..aa3beede3c 100644 --- a/lms/templates/shoppingcart/receipt.html +++ b/lms/templates/shoppingcart/receipt.html @@ -292,7 +292,7 @@ from openedx.core.lib.courses import course_image_url
    ${course.display_number_with_default | h} ${course.display_name_with_default} Image + alt="${course.display_number_with_default | h} ${course.display_name_with_default_escaped} Image"/>
    diff --git a/lms/templates/shoppingcart/registration_code_receipt.html b/lms/templates/shoppingcart/registration_code_receipt.html index b0eba27f9c..14a6c889df 100644 --- a/lms/templates/shoppingcart/registration_code_receipt.html +++ b/lms/templates/shoppingcart/registration_code_receipt.html @@ -20,7 +20,7 @@ from openedx.core.lib.courses import course_image_url ${_(
    diff --git a/lms/templates/shoppingcart/registration_code_redemption.html b/lms/templates/shoppingcart/registration_code_redemption.html index 6c8601e651..05e16e79ba 100644 --- a/lms/templates/shoppingcart/registration_code_redemption.html +++ b/lms/templates/shoppingcart/registration_code_redemption.html @@ -20,7 +20,7 @@ from openedx.core.lib.courses import course_image_url ${_(
    diff --git a/lms/templates/shoppingcart/shopping_cart.html b/lms/templates/shoppingcart/shopping_cart.html index eb6f5e8e82..075cd5e52c 100644 --- a/lms/templates/shoppingcart/shopping_cart.html +++ b/lms/templates/shoppingcart/shopping_cart.html @@ -66,7 +66,7 @@ from openedx.core.lib.courses import course_image_url
    ${course.display_number_with_default | h} ${course.display_name_with_default} ${_('Cover Image')} + alt="${course.display_number_with_default | h} ${course.display_name_with_default_escaped} ${_('Cover Image')}" />
    ## Translators: "Registration for:" is followed by a course name diff --git a/openedx/core/djangoapps/content/course_overviews/models.py b/openedx/core/djangoapps/content/course_overviews/models.py index 659bf21ee2..9ebd1017f6 100644 --- a/openedx/core/djangoapps/content/course_overviews/models.py +++ b/openedx/core/djangoapps/content/course_overviews/models.py @@ -324,6 +324,20 @@ class CourseOverview(TimeStampedModel): """ return course_metadata_utils.display_name_with_default(self) + @property + def display_name_with_default_escaped(self): + """ + DEPRECATED: use display_name_with_default + + Return html escaped reasonable display name for the course. + + Note: This newly introduced method should not be used. It was only + introduced to enable a quick search/replace and the ability to slowly + migrate and test switching to display_name_with_default, which is no + longer escaped. + """ + return course_metadata_utils.display_name_with_default_escaped(self) + def has_started(self): """ Returns whether the the course has started. diff --git a/openedx/core/djangoapps/content/course_overviews/tests.py b/openedx/core/djangoapps/content/course_overviews/tests.py index a7a15c4b0a..1afb491868 100644 --- a/openedx/core/djangoapps/content/course_overviews/tests.py +++ b/openedx/core/djangoapps/content/course_overviews/tests.py @@ -104,6 +104,7 @@ class CourseOverviewTestCase(ModuleStoreTestCase): 'number', 'url_name', 'display_name_with_default', + 'display_name_with_default_escaped', 'start_date_is_still_default', 'pre_requisite_courses', 'enrollment_domain', diff --git a/openedx/core/lib/xblock_utils.py b/openedx/core/lib/xblock_utils.py index 72f55bb81b..a0aefb3ef6 100644 --- a/openedx/core/lib/xblock_utils.py +++ b/openedx/core/lib/xblock_utils.py @@ -128,7 +128,7 @@ def wrap_xblock( template_context = { 'content': block.display_name if display_name_only else frag.content, 'classes': css_classes, - 'display_name': block.display_name_with_default, + 'display_name': block.display_name_with_default_escaped, 'data_attributes': u' '.join(u'data-{}="{}"'.format(markupsafe.escape(key), markupsafe.escape(value)) for key, value in data.iteritems()), } diff --git a/themes/edx.org/lms/templates/header.html b/themes/edx.org/lms/templates/header.html index f5790b4319..4ff5eaa41b 100644 --- a/themes/edx.org/lms/templates/header.html +++ b/themes/edx.org/lms/templates/header.html @@ -50,7 +50,7 @@ site_status_msg = get_site_status_msg(course_id)

    ${course.display_org_with_default | h}: ${course.display_number_with_default | h} - ${course.display_name_with_default} + ${course.display_name_with_default_escaped}

    % endif diff --git a/themes/red-theme/lms/templates/header.html b/themes/red-theme/lms/templates/header.html index b36059c3d9..27c49feebe 100755 --- a/themes/red-theme/lms/templates/header.html +++ b/themes/red-theme/lms/templates/header.html @@ -52,7 +52,7 @@ site_status_msg = get_site_status_msg(course_id)

    ${course.display_org_with_default | h}: ${course.display_number_with_default | h} <% - display_name = course.display_name_with_default + display_name = course.display_name_with_default_escaped if settings.FEATURES.get('CUSTOM_COURSES_EDX', False): ccx = get_current_ccx() if ccx: